The Austrian Data Protection Authority has ordered a Swiss online hotel booking platform to comply with the requirements set forth in the EU General Data Protection Regulation (GDPR), in particular to provide the information according to Art. 13 GDPR to the data subject. The ordinance was based on the following facts: An Austrian citizen living […]
Posts by Wiebke Kummer:
Hellenic DPA Fines PWC for Unlawful Processing of Employee Data
The Hellenic Data Protection Authority has fined PriceWaterhouseCoopers Business Solutions SA 150,000.00 € for unlawful processing of employee data, after the Authority had conducted an ex officio investigation in response to a complaint. The Authority also ordered a series of corrective measures and gave PWC three months’ time for their implementation. Reportedly, the company had […]
Portuguese Data Protection Authority Imposes 400,000 € Fine on Hospital
The Barreiro Hospital in Portugal was fined 400,000 € by the Portuguese Data Protection Authority CNPD (Comissão Nacional de Proteção de Dados) for incompliancy with the EU General Data Protection Regulation (GDPR) by not separating access rights to patents’ clinical data. The public sector hospital had granted access to patients’ clinical data via their system […]
Japan on Its Way to Data Protection Adequacy?
Data transfers to countries outside the European Economic Area are only legal if –in addition to the requirement of a legal basis or the data subject’s consent– an adequate level of data protection in that country can be guaranteed. One way this can be achieved is an Adequacy Decision of the European Commission. The Commission […]